Fedora Weekly News Issue 156

This week's issue features an exciting discount for Fedora community members in Australia and New Zealand on Red Hat certification training and exams. Coverage of Fedora Planet includes event reports from a FOSS event in India and a Parisian Fedora install fest, along with a nifty XO Exchange Registry. Another flamewar eruption is covered on the Developments beat, along with updates on the D-Bus in Fedora and discussion on making 'updates-testing' more useful. Fedora websites are now available in Russian and Bulgarian, as reported in this issue's Translations beat. The Artwork beat reports on the Fedora Art Team's re-envisioning discussion as well as using the Fedora branding in the OLPC Sugar interface. The security advisory beat updates us on Fedora 9 and 10 updates, along with reminders of Fedora 8 end of life, January 7, 2009. In virtualization news, details of the latest libvert in RHEL and CentOS 5.2. All this and more in this week's FWN!

FWN is considering changing the format in response to some reader suggestions. The Developments section this week attempts to be considerably shorter and places URLs below each section instead of interspersing them after each paragraph. We welcome reader feedback on the subject: fedora-news-list@redhat.com.

If you are interested in contributing to Fedora Weekly News, please see our 'join' page[1].

for a complete list of Red Hat exams available until 28th February, 2009
and write "Fedora Community Special" in the Promo code box. Make sure

you use your Fedora email id when registering to qualify for the 50%
discount.

If you have a mate who would benefit from a Red Hat certification, make

sure you pass on the good news!

Terms and Conditions*

This offer begins December 15, 2008 and ends on February 28, 2009. Offer
void if participant cancels, no shows, or requests a refund. Offer is
subject to availability. Exams, reschedules and any retakes must be
completed by February 28, 2009. Participants must register for the
promotion at http://www.apac.redhat.com/training/register.php3 and enter
“Fedora Community Special” in the Special Offers section, using their
Fedora email id to register. Offer may not be used for exams in which
you are already enrolled, cancellations and re-bookings. This offer is
not valid in conjunction with any other promotions or special pricing.
Participant is responsible for assessing his/her suitability for
enrolling in the appropriate exam. Government employees and contractors
may not be eligible to receive this offer and the participant
acknowledges that his/her employer is aware of and consents to the
receipt of the offer, and that the receipt of the offer does not violate
the organisation’s policies and regulations. Void where prohibited by
law. Offer is available to residents of Australia and New Zealand only.
Red Hat reserves the right to withdraw or extend this offer at anytime.

Updates

Paul Frields wrote[1] about the update problem affecting D-Bus. "Recently, an update of D-Bus software package in Fedora 10 caused the substantial breakage of some applications, including PackageKit."

The announcement includes instructions that explain how a user can update the system manually using yum on the command-line, and return to business-as-usual.

If you are unable to perform a normal system update using PackageKit and need help, please read the full announcement.

General

Tom Tromey concluded[2,3,4] his excellent series on scripting and extending GDB with Python, including some PyGTK widgetry inside GDB.

Michael DeHaan contemplates the complexity of software projects and how to encourage new people to get involved and contribute. "Projects that have a lot of complex interrelationships and need a lot of experience with the codebase (that is acquired over a long period of time) are less apt to attract casual contributions"[5]

Jesse Keating announced[6] a new Fedora Hosted project, Offtrac: "Offtrac is my attempt at creating a python library for interacting with trac via xmlrpc." The project can already perform a number of tasks including querying, retrieving and creating tickets and milestones.

Kulbir Saini presented[7] some ideas for hacking a Linux install to make it boot faster.

Luis Villa offered[8] a followup regarding some comments that he had made criticizing OpenOffice.org's user interface and praising Office 2007.

Greg DeKoenigsberg introduced[10] the XO Exchange Registry that "connects people who have XOs and don't need them with people who need XOs and don't have them."

Tom Callaway ranted[11] (don't worry, those are his own words) about FOSS licensing. He notes that there are no clear standards for what defines a "Free" distribution, as there are often cases where truly difficult questions arise, but adds "This is why for Fedora, the goal of being 100% Free isn't something that we're losing sleep over. Sure, we'd like to be 100% Free, and we're working towards that every day, but actually being 100% Free is HARD, especially if you want more than 700 MB of packages."

John Poelstra discussed[12] the "Benefits of Detailed Schedules" after last week's approval of the Fedora 11 schedule.

Till Maas announced[13] "some webpages that cache bugzilla queries of package review requests". So if anyone out there would like to jump in and help review some packages, please do so! (there were 719 packages in the NEW state when Till's post went up and already 725 by the time this sentence was written).

Luke Macken decided to share[14] a small python program that determines "the amount of time Fedora updates spend in testing within bodhi". Click in to see the results.

Matthew Garrett apparently spent a bit of time traveling, and during that time analyzed[15] a number of showers, as a metaphor for UI design in software.

Luke Macken committed a Python API for interacting with the Fedora Wiki and shows off[16] some of its statistical gathering abilities.

Developments

Fedora 11: OSS and PulseAudio Conflict Resolved by CUSE ?

A thread[1] from November led Warren Togami to suggest[2] a plan to use CUSE[3] as part of a strategy to deprecate the near obsolete Open Sound System (OSS) which wreaks havoc with PulseAudio enabled boxes. The plan included a fallback to OSS for users who really wanted it.

Bastien Nocera was[4] skeptical that CUSE would be ready in time for Fedora 11 and suggested instead that a list of applications using OSS be created so that they could be fixed.

Rawhide Report 2008-12-08

When the latest Rawhide Report logged[1] one maintainers use of cvs-import.shDominik Mierzejewski criticised[2] the use of the script for updating. Richard Jones asked[3]: "[I]s this stuff really documented anywhere? I have tended to learn it by osmosis, deduction and reading the horribly complicated rules in Makefile.common."

Jason Tibbitts argued[4] that using cvs-import.sh nullified the potential advantages of using an SCM as it sequestered the sources elsewhere. Jesse Keating disagreed[5] due to ease of use issues.

A direct answer was provided[6] by Patrice Dumas with links to the relevant portions of the wiki.

The D-Bus Problem

Ian Amess asked[1] for the current status of a problem caused by a substantial update of the D-Bus package. The update had resulted in the incapacitation of many packages. The most important of these was PackageKit, the default graphical application for managing software.

Colin Walters decided[2] that reverting the update was necessary and that changes to D-Bus policy would be postponed. PackageKit, and its GNOME and KDE clients were updated[3] by Richard Hughes in an attempt to accommodate the changes. Richard testified that "[o]ver the last two days we've all been working really hard on fixing up all the projects after the DBus update. I know personally I'm closing a duplicate bugzilla every 30 minutes." He noted that the delay between creating an update and pushing it to a mirror was a limiting factor in being able to implement these fixes.

A post to @fedora-announce by Paul Frields explained[4] the series of steps which allowed users to re-enable normal system updates using PackageKit. As of 2008-12-15 this notice also appears at the top of all the Fedora Project wiki pages.

Making `updates-testing' More Useful

The means to enable PackageKit to prompt willing users to install testing updates was explored in a thread opened[1] by Matthias Clasen: "Basically, PackageKit should know that these are testing updates, and should ask me 'There are ... package updates available that need testing. Do you want to test these now ?' For extra points, we could even show a 'report back' link somewhere that allows to send comments to bodhi."

Richard Hughes prototyped a solution but worried[2] that it would be necessary to make changes to the users' repository configurations without their explicit consent.

A sub-thread discussed[3] the problem of out-of-sync mirrors and the use of the --skip-broken option with yum (see also this same FWN#156"YUM: Enable --skip-broken by Default?".)

Fedora Suckage ?

The tinder for this week's massive flamewar was laid[1] by Robert Scheck in the form of a dryly ironic, multiple-topic rant. Robert attacked the use of "memory wasting" python daemons, lags in pushing updates compared to the EPEL repositories, lack of information on the recent intrusion, poor German translation, the minimal requirements for LiveCD usage, RPM-4.6 bugs, Red Hat employees blocking Merge Reviews, PackageKit bugs, and the EU support organisation for Fedora[2]!

Although there were several worthy attempts to make use of the above material
for a true conflagration in general the opportunity was wasted and instead
several rational, civil discussions of possible underlying causes and explanations took place. There were some worthy attempts to respond to all parts of this portmanteau complaint, but for the most part the discussion fractured naturally into several threads.

One such thread was concerned with the pushing of a D-Bus update which broke many applications including PackageKit. Kevin Kofler argued[3] that "[...] we need to be more careful with certain types of security updates, and better let them get some QA even if it means the fix gets delayed." Michael Schwendt asserted[4] the lack of active Quality Assurance as one of the contributing factors. KevinKofler explained[5] that the package had been rushed out "Because it was deemed a security update, complete with a CVE ID[.]" See this FWN#156 "The D-Bus Problem" for more details.

Max Spevack took up[6] the complaints about Fedora EMEA and more of that discussion continued[7] on the more appropriate @fedora-ambassadors list.

No further information on the security intrusion was forthcoming from Paul Frields but he relayed[8] that the matter was not being forgotten or hushed up and that he planned to meet with others to discuss communication procedures for any possible future intrusions.

Richard Hughes asked[9] for specific bugs to be filed instead of general rants: "[...] I think you need to write much shorter, to the point emails. Ranting doesn't have much affect on anything, whilst filing bugs and getting involved upstream does." He also corrected Robert that many of the daemons which he complained about were written in C, not in Python.

Colin Walters issued[10] a mea culpa: "Just to be clear, the direct push into stable is my fault; not Red Hat's or other DBus developers or anyone else's. I had originally listed it for updates-testing, but then changed the update to security and in a moment of total stupidity also changed the listing for stable."

The idea of "repeatable updates" was raised[11] again by Les Mikesell and critiqued for want of a practical implementation by James Antill. Jesse Keating made[12] a suggestion: "Treat rawhide as your 'new code' land, leave the release trees as your 'testing and working' code. That is don't be so goddamn eager to push new packages and new upstream releases to every freaking branch in existence."

Behdad Esfahbod tackled[13] the issue of Red Hat employees allegedly stalling on merge reviews. Behdad criticized the jumbling together of so many issues and repudiated any suggestion that as the maintainer of un-reviewed packages he "[...] must incorporate the merge reviews and close them, no thank you, I don't mind not maintaining anything in Fedora, and I certainly didn't block anyone from making progress in the merge reviews. When you say The Red Hat people have to follow the Fedora packaging guidelines and rules same as the Fedora folks', does it mean that Fedora should feel free to decide what *I* work on, when it doesn't decide what other Fedora folks' work on? That doesn't feel right."

The criticism of LiveCD localization was handled[14] by Jeroen van Meeuwen and he accepted that it would be useful if there were some manner in which the Spin SIG could create spins and torrent seeds outside of Fedora release engineering. It seemed that the need to make absolutely certain that such torrents and spins are kept available for support purposes may make this difficult.

Help Needed: Sift "rawhide" for .pc Files

Jesse Keating requested[1] "[...] somebody to examine all the packages in rawhide that provide .pc [pkg-config] files and ensure proper placement of them based on the review guideline. This will likely require interaction with the packages maintainer(s) so the first step should probably be to produce a list of packages that ship .pc in a non -devel package and send the list (sorted by maintainer) to here so that we can discuss and pick off items."

Michael Schwendt helped[2] to start the process by providing some lists of non-devel packages which included .pc files or had requires which pulled in packages which provided .pc files.

Offtrac

An itch scratched[1] by Jesse Keating was to be able to interact with Trac via the commandline to create milestones for the Fedora 11 release cycle. He implemented his own python library, named Offtrac, to interact with trac using XML-RPC and asked for help in firming up the API and extending his client. Later Jesse explained[2] that the purpose was to "[...] make some aspects of using trac easier for folks, not just project owners but people who file tickets in track, like say for package tagging requests, or blocks, or... "

Updates QA and Karma

The updates system came in for some more questioning (see this FWN#156 "Making `updates-testing' More Useful") when Orion Poplawski showed[1] that an rpcbind update for Fedora 9 may have been pushed to stable despite comments made by him indicating that it failed due to a dependency. Orion asked two questions: "[1] Should update submitters be allowed to give positive karma to their updates? Seems like that they are too biased. [2] Is there any requirement that an update have positive karma before being pushed to stable?"

It appeared that ultimately monitoring of such pushes are down to package maintainers and depend upon the good judgment of those doing the updates. Michael Schwendt provided[2] an overview of the situation.

Translation

Modules Updated in translate.fedoraproject.org

5 modules have been updated[1] in translate.fedoraproject.org due to a move in the backend repositories. These are system-config-(services|date|samba|users|nfs). NilsPhilippsen had earlier conveyed[2] the proposed shift. These modules can now be updated via translate.fedoraprojet.org. DiegoZacarao also adds[1] that the docs modules for these 5 modules would also be added soon for translation submission.

New languages for Fedora Websites

The Fedora website pages can now be seen in two more languages - Russian[3] and Bulgarian[4]. Additionally, RickyZhou also mentions[5][6] that the language code needs to be added to the LINGUAS file and a ticket with Fedora Infrastructure can be filed to ensure the translations included in Fedora websites.

Fedora 10- Release Notes Updation Process

Any changes to the Fedora 10 Release Notes are to be submitted via translate.fedoraproject.org into the "f1-" branch[7]. KarstenWade also mentions that an intimation to the fedora-docs mailing list would be helpful to ensure that the modifications are accounted for, for the next build.

Suggestions for Fedora Translation Process Improvements

RobertScheck initiated a general discussion[8] about suggestions to various aspects of the Fedora process including translations. Thomas Spura suggested an an online translation tool[9] that would help more translators to participate in the translation process. Lauri Nurmi reiterates[10] the risks to quality of translations due to a splurge in the quantity of unmonitored translations.

Artwork

Reimagining the Fedora Art Team

Following a talk on the chat channel, Máirín Duffy proposed[1] on @fedora-art a reimagining of the Art Team, as a better way to define the activities encompassed by its members "The Fedora Art Team's name and focus is more on artwork than UI design. Folks in Fedora who need help with UI design or potential contributors who want to help out with UI design might not necessarily link those kinds of tasks to an art team so they might be a bit lost. What if we renamed the art team to be the 'Fedora Design & Creative Team,' and the art team as it is now would be a subgroup of this new design team? Under a 'design' banner, it might be easier for developers seeking out UI design advice to know where to go, and for community UI designers to find a home / a place to get involved." The proposal was welcomed warmly, with only a minor technical concern[2] from Ian Weller "Only thing I'm worried about is renaming all the references to the Art team that we control, but, eh, whatever."

OLPC Branding

An earlier project of the Art Team, reported back at the time in Fedora Weekly News, to create a secondary mark for Fedora derivatives came to fruition: OLPC has started to use it for Sugar and Paul Frields asked[1] for a guidelines compliance check on @fedora-art and Máirín Duffy approved[2] it. This is the first known use of the secondary trademark.

A Fedora Promo Video (Beta)

María Leandro posted[1] on @fedora-art a video experiment she's working on "I'm working on some videos that can be used on events or some clips. This is the first beta (well... 2nd) and is an easy animation on blender with the 'infinite' and the 'four f's' messages. The idea came up because in LatinAmerica there's an event, FLISoL (installfest) and it was a good idea to have 'something' on the big screen when the Fedora-Team is giving some information, media and stickers" and followed quickly[2] with an improved version. WARNING: the video[3] is available in the "evil" Flash format.

Libvirt List

sVirt 0.20 Patch Request for Comments

James Morris announced[1] "the release of v0.20[2] of sVirt, a project to add security labeling support to Linux-based virtualization. I'm hoping to be able to propose an initial version for upstream merge within the next few minor releases, tasks for which are being scoped out
in the new TODO list[3]."

"If the current release passes review, the next major task will be to add
dynamic MCS labeling of domains and disk images for simple isolation."

Daniel P. Berrange said "this patch all looks pretty good to me from a the point of view of libvirt integration & XML config representation."

Latest libvirt on RHEL and CentOS 5.2

Marco Sinhoreli needed[1] libvirt 0.5.x
for testing oVirt on RHEL 5.2. Marco wondered what was necessary to update from the 0.3.x version available for RHEL.

Soon after, Daniel P. Berrange
"uploaded[2] a set of patches[3] which make libvirt 0.5.1 work with
RHEL-5's version of Xen. Basically we have to tweak a few version
assumptions to take account of fact that RHEL-5 Xen has a number of
feature backports like the new paravirt framebuffer and NUMA support."

"Of course running a newer libvirt on RHEL-5 is totally unsupported but
hopefully these will be usful to those who absolutely need this newer
libvirt and don't mind about lack of support."